SUPEE-10975 Potential IssuesSecurity Patch SUPEE-10975 - Possible issues?Back-up strategy post...

Publishing research using outdated methods

Quickly creating a sparse array

Is there a weight limit to Feather Fall?

What is the purpose of easy combat scenarios that don't need resource expenditure?

What are the exceptions to Natural Selection?

What would the chemical name be for C13H8Cl3NO

A Missing Symbol for This Logo

Intern applicant asking for compensation equivalent to that of permanent employee

Flipping axis on a LogPlot

What is the difference between rolling more dice versus fewer dice?

How can a school be getting an epidemic of whooping cough if most of the students are vaccinated?

What are career options for big-picture thinkers with no experience?

What is the most fuel efficient way out of the Solar System?

Consequences of lack of rigour

use of 4/2 chord more compelling than root position?

Non-Cancer terminal illness that can affect young (age 10-13) girls?

Using only 1s, make 29 with the minimum number of digits

Can we harness gravitational potential energy?

Dilemma of explaining to interviewer that he is the reason for declining second interview

Can I make estimated tax payments instead of withholding from my paycheck?

Comparing two arrays of unequal length

Am I a Rude Number?

How would an AI self awareness kill switch work?

Why is working on the same position for more than 15 years not a red flag?



SUPEE-10975 Potential Issues


Security Patch SUPEE-10975 - Possible issues?Back-up strategy post SUPEE-10975?Backup fuction gone in admin after sucessful upgrade to 1.9.4?Can't install patch (SUPEE-10975)Magento security patch 5344 errorError installing security patches on CE 1.7.0.2Error while Patching Security Patch (SUPEE-6285) - NoItems.phtml (SOLVED)SUPEE-7405 failing to install on my version of 1.9.1.1Patch 7405 not applying because patch was detectedCart is not Update automaticallyGetting Invalid block type with custom extensionErrors Faced in Patching PATCH_SUPEE-6285Security Patch SUPEE-10975 - Possible issues?Magento 1 - Patch SUPEE-10415 is not applied













13















SUPEE-10975 has been released, it would be great to know if anyone runs into any issues while trying to apply this, will this conflict with the most recent patch that adds 7.2 support?



So far these are the changed files I can see



app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
app/code/core/Mage/Adminhtml/controllers/SitemapController.php
app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
app/code/core/Mage/Captcha/Model/Observer.php
app/code/core/Mage/Captcha/Model/Zend.php
app/code/core/Mage/Captcha/etc/config.xml
app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
app/code/core/Mage/Core/etc/config.xml
app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.7.1.1-1.6.0.7.1.2.php
app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
app/code/core/Mage/Payment/etc/config.xml
app/code/core/Mage/Payment/etc/system.xml
app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
app/code/core/Mage/Sendfriend/Block/Send.php
app/code/core/Mage/Wishlist/controllers/IndexController.php
app/code/core/Zend/Controller/Request/Http.php
app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
app/design/frontend/base/default/layout/captcha.xml
app/design/frontend/base/default/template/wishlist/sharing.phtml
app/design/frontend/rwd/default/layout/page.xml
app/design/frontend/rwd/default/template/sendfriend/send.phtml
app/etc/modules/Mage_All.xml
app/etc/modules/Mage_Captcha.xml
app/locale/en_US/Mage_Wishlist.csv
js/lib/jquery/jquery-1.12.0.js
js/lib/jquery/jquery-1.12.0.min.js
js/lib/jquery/jquery-1.12.0.min.map
js/lib/jquery/jquery-1.12.1.js
js/lib/jquery/jquery-1.12.1.min.js
js/lib/jquery/jquery-1.12.1.min.map


Has anyone ran into any issues with these changes?










share|improve this question





























    13















    SUPEE-10975 has been released, it would be great to know if anyone runs into any issues while trying to apply this, will this conflict with the most recent patch that adds 7.2 support?



    So far these are the changed files I can see



    app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
    app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
    app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
    app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
    app/code/core/Mage/Adminhtml/controllers/SitemapController.php
    app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
    app/code/core/Mage/Captcha/Model/Observer.php
    app/code/core/Mage/Captcha/Model/Zend.php
    app/code/core/Mage/Captcha/etc/config.xml
    app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
    app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
    app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
    app/code/core/Mage/Core/etc/config.xml
    app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.7.1.1-1.6.0.7.1.2.php
    app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
    app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
    app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
    app/code/core/Mage/Payment/etc/config.xml
    app/code/core/Mage/Payment/etc/system.xml
    app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
    app/code/core/Mage/Sendfriend/Block/Send.php
    app/code/core/Mage/Wishlist/controllers/IndexController.php
    app/code/core/Zend/Controller/Request/Http.php
    app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
    app/design/frontend/base/default/layout/captcha.xml
    app/design/frontend/base/default/template/wishlist/sharing.phtml
    app/design/frontend/rwd/default/layout/page.xml
    app/design/frontend/rwd/default/template/sendfriend/send.phtml
    app/etc/modules/Mage_All.xml
    app/etc/modules/Mage_Captcha.xml
    app/locale/en_US/Mage_Wishlist.csv
    js/lib/jquery/jquery-1.12.0.js
    js/lib/jquery/jquery-1.12.0.min.js
    js/lib/jquery/jquery-1.12.0.min.map
    js/lib/jquery/jquery-1.12.1.js
    js/lib/jquery/jquery-1.12.1.min.js
    js/lib/jquery/jquery-1.12.1.min.map


    Has anyone ran into any issues with these changes?










    share|improve this question



























      13












      13








      13


      6






      SUPEE-10975 has been released, it would be great to know if anyone runs into any issues while trying to apply this, will this conflict with the most recent patch that adds 7.2 support?



      So far these are the changed files I can see



      app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
      app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
      app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
      app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
      app/code/core/Mage/Adminhtml/controllers/SitemapController.php
      app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
      app/code/core/Mage/Captcha/Model/Observer.php
      app/code/core/Mage/Captcha/Model/Zend.php
      app/code/core/Mage/Captcha/etc/config.xml
      app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
      app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
      app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
      app/code/core/Mage/Core/etc/config.xml
      app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.7.1.1-1.6.0.7.1.2.php
      app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
      app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
      app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
      app/code/core/Mage/Payment/etc/config.xml
      app/code/core/Mage/Payment/etc/system.xml
      app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
      app/code/core/Mage/Sendfriend/Block/Send.php
      app/code/core/Mage/Wishlist/controllers/IndexController.php
      app/code/core/Zend/Controller/Request/Http.php
      app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
      app/design/frontend/base/default/layout/captcha.xml
      app/design/frontend/base/default/template/wishlist/sharing.phtml
      app/design/frontend/rwd/default/layout/page.xml
      app/design/frontend/rwd/default/template/sendfriend/send.phtml
      app/etc/modules/Mage_All.xml
      app/etc/modules/Mage_Captcha.xml
      app/locale/en_US/Mage_Wishlist.csv
      js/lib/jquery/jquery-1.12.0.js
      js/lib/jquery/jquery-1.12.0.min.js
      js/lib/jquery/jquery-1.12.0.min.map
      js/lib/jquery/jquery-1.12.1.js
      js/lib/jquery/jquery-1.12.1.min.js
      js/lib/jquery/jquery-1.12.1.min.map


      Has anyone ran into any issues with these changes?










      share|improve this question
















      SUPEE-10975 has been released, it would be great to know if anyone runs into any issues while trying to apply this, will this conflict with the most recent patch that adds 7.2 support?



      So far these are the changed files I can see



      app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
      app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
      app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
      app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
      app/code/core/Mage/Adminhtml/controllers/SitemapController.php
      app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
      app/code/core/Mage/Captcha/Model/Observer.php
      app/code/core/Mage/Captcha/Model/Zend.php
      app/code/core/Mage/Captcha/etc/config.xml
      app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
      app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
      app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
      app/code/core/Mage/Core/etc/config.xml
      app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.7.1.1-1.6.0.7.1.2.php
      app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
      app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
      app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
      app/code/core/Mage/Payment/etc/config.xml
      app/code/core/Mage/Payment/etc/system.xml
      app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
      app/code/core/Mage/Sendfriend/Block/Send.php
      app/code/core/Mage/Wishlist/controllers/IndexController.php
      app/code/core/Zend/Controller/Request/Http.php
      app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
      app/design/frontend/base/default/layout/captcha.xml
      app/design/frontend/base/default/template/wishlist/sharing.phtml
      app/design/frontend/rwd/default/layout/page.xml
      app/design/frontend/rwd/default/template/sendfriend/send.phtml
      app/etc/modules/Mage_All.xml
      app/etc/modules/Mage_Captcha.xml
      app/locale/en_US/Mage_Wishlist.csv
      js/lib/jquery/jquery-1.12.0.js
      js/lib/jquery/jquery-1.12.0.min.js
      js/lib/jquery/jquery-1.12.0.min.map
      js/lib/jquery/jquery-1.12.1.js
      js/lib/jquery/jquery-1.12.1.min.js
      js/lib/jquery/jquery-1.12.1.min.map


      Has anyone ran into any issues with these changes?







      magento-1 security patches php-7.2 supee-10975






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 28 '18 at 21:22







      Razentic

















      asked Nov 26 '18 at 10:00









      RazenticRazentic

      7218




      7218






















          13 Answers
          13






          active

          oldest

          votes


















          10














          Missing return parent::getDeleteUrl() in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php



          +    public function getDeleteUrl()
          + {
          + if (!Mage::getSingleton('adminhtml/url')->useSecretKey()) {
          + return $this->getUrl('*/*/delete', array(
          + $this->_objectId => $this->getRequest()->getParam($this->_objectId),
          + 'form_key' => Mage::getSingleton('core/session')->getFormKey()
          + ));
          + } else {
          + parent::getDeleteUrl();
          + }
          + }





          share|improve this answer
























          • What Magento version was this for?

            – danmentzer
            Nov 29 '18 at 19:27






          • 1





            I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

            – Aad Mathijssen
            Nov 30 '18 at 13:20











          • An additional patch has been created to resolve this SUPEE-11043

            – Andrew
            Dec 1 '18 at 19:06











          • @andrew I cant find anything about SUPEE-11043. can you link some sources?

            – darnok
            Dec 3 '18 at 13:02






          • 1





            So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

            – René Schep
            Dec 5 '18 at 14:59



















          9














          So far, I have come across the following issues with the SUPEE-10975 patch:




          • It is not possible anymore to delete customer groups via the admin because of a missing return statement in the new method Mage_Adminhtml_Block_Customer_Group_Edit::getDeleteUrl (issue found by @mikhail-chelevich). This is the case when secret keys are enabled for the admin, which is the default. The issue is also present in 1.9.4.0. This issue is fixed by the SUPEE-11043 patch, which has not been offically released, but is available as a GitHub Gist.

          • The Mage_Sendfriend module cannot be disabled without also disabling the Mage_Captcha module. Otherwise, the following core exception occurs: Module "Mage_Captcha" requires module "Mage_Sendfriend". (issue found by @zlep)

          • The changes to the sendfriend/send.phtml template that have been made in the rwd/default theme are not made in the base/default theme. This means that for the base/default theme the CAPTCHA cannot be enabled, and also that names and emails of previously entered recipients are not shown on the page (for the typical case of a form submit that triggers a server-side validation error).

          • The new method Mage_Sendfriend_Block_Send::getRecipientsCount introduces a PHP 7.2 incompatibility because a count is performed on a NULL value when loading the page without any recipients (which is the default on fresh page load). This issue has been fixed in 1.9.4.0.


          Note that I have only checked the patch for 1.9.3.10, but I suspect the issues are present in all versions of the patch.






          share|improve this answer

































            6














            I ran into an issue with the 10975 patch.
            After some investigation I was able to track down the answer as to where the patch was messing up and why.



            To summarize the below check and make sure you patched SUPEE 9767 V2 properly.
            That is the root of my issue.



            sh PATCH_SUPEE-10975_EE_v1.12.0.2_v1-2018-11-27-10-36-30.sh
            Checking if patch can be applied/reverted successfully...
            ERROR: Patch can't be applied/reverted successfully.

            patching file app/code/core/Enterprise/PageCache/Model/Processor.php
            Hunk #1 succeeded at 690 (offset -3 lines).
            patching file app/code/core/Enterprise/Pci/etc/config.xml
            patching file app/code/core/Enterprise/Wishlist/Block/Customer/Sharing.php
            patching file app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
            patching file app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
            patching file app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
            patching file app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
            patching file app/code/core/Mage/Adminhtml/controllers/SitemapController.php
            patching file app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
            patching file app/code/core/Mage/Captcha/Model/Observer.php
            patching file app/code/core/Mage/Captcha/Model/Zend.php
            patching file app/code/core/Mage/Captcha/etc/config.xml
            patching file app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
            patching file app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
            patching file app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
            patching file app/code/core/Mage/Core/etc/config.xml
            Hunk #1 FAILED at 28.
            1 out of 3 hunks FAILED -- saving rejects to file app/code/core/Mage/Core/etc/config.xml.rej
            patching file app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.2.1.2-1.6.0.2.1.3.php
            patching file app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
            patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
            patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
            patching file app/code/core/Mage/Payment/etc/config.xml
            patching file app/code/core/Mage/Payment/etc/system.xml
            patching file app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
            patching file app/code/core/Mage/Wishlist/controllers/IndexController.php
            patching file app/code/core/Zend/Controller/Request/Http.php
            patching file app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
            patching file app/design/adminhtml/default/default/template/enterprise/cms/page/preview/revision.phtml
            patching file app/design/adminhtml/default/default/template/enterprise/customersegment/report/detail/grid/container.phtml
            patching file app/design/adminhtml/default/default/template/enterprise/giftregistry/customer/form.phtml
            patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/merge.phtml
            patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/rollback.phtml
            patching file app/design/frontend/base/default/layout/captcha.xml
            patching file app/design/frontend/base/default/template/wishlist/sharing.phtml
            patching file app/design/frontend/enterprise/iphone/template/downloadable/sales/order/creditmemo/items/renderer/downloadable.phtml
            patching file app/etc/modules/Mage_All.xml
            patching file app/etc/modules/Mage_Captcha.xml
            patching file app/locale/en_US/Enterprise_Wishlist.csv
            patching file app/locale/en_US/Mage_Wishlist.csv
            patching file js/enterprise/adminhtml/staging.js


            Above is the error I hit which is specific to this file.




            Mage/Core/etc/config.xml




            The error comes from this line of the patch.



            diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
            index 4aebdcdc2cf..4b28f2765a1 100644
            --- app/code/core/Mage/Core/etc/config.xml
            +++ app/code/core/Mage/Core/etc/config.xml
            @@ -28,7 +28,7 @@
            <config>
            <modules>
            <Mage_Core>
            - <version>1.6.0.2.1.2</version>
            + <version>1.6.0.2.1.3</version>
            </Mage_Core>
            </modules>
            <global>


            The version listed here doesn't match correctly because of manually patching




            SUPEE 9767 v2




            That patch came with this line that I missed when manually patching.



            diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
            index 4a0ff1b..d0de702 100644
            --- app/code/core/Mage/Core/etc/config.xml
            +++ app/code/core/Mage/Core/etc/config.xml
            @@ -28,7 +28,7 @@
            <config>
            <modules>
            <Mage_Core>
            - <version>1.6.0.2</version>
            + <version>1.6.0.2.1.2</version>
            </Mage_Core>
            </modules>
            <global>





            share|improve this answer































              4














              Firstly, sorry for the duplicate of erej's answer, i can't comment nor edit because of my reputation score.



              The patch creates a new file here : app/code/core/Zend/Controller/Request/Http.php



              Which is added to override this file : lib/Zend/Controller/Request/Http.php



              Problem is for Magento under 1.9.0.0 :



              This method :



              /**
              * Everything in REQUEST_URI before PATH_INFO
              * <form action="<?=$baseUrl?>/news/submit" method="POST"/>
              *
              * @return string
              */
              public function getBaseUrl($raw = false)
              {
              if (null === $this->_baseUrl) {
              $this->setBaseUrl();
              }

              return (($raw == false) ? urldecode($this->_baseUrl) : $this->_baseUrl);
              }


              Is overridden in Magento Core file app/code/core/Mage/Core/Controller/Request/Http.php



              public function getBaseUrl()
              {
              $url = parent::getBaseUrl();
              $url = str_replace('\', '/', $url);
              return $url;
              }


              Which does'nt take any arguments.



              So it fires this strict notice on any website url, front & admin :



              Strict Notice: Declaration of Mage_Core_Controller_Request_Http::getBaseUrl() should be compatible with Zend_Controller_Request_Http::getBaseUrl($raw = false) in /var/www/htdocs/app/code/core/Mage/Core/Controller/Request/Http.php on line 36



              If someone knows if any V2 of that patch is on the way, please let me know.



              Waiting for their update, you can redefine method in app/code/core/Mage/Core/Controller/Request/Http.php like that:



              /**
              * @param bool $raw - Added manually to correct SUPEE-10975 oversight
              * See https://magento.stackexchange.com/questions/251317/supee-10975-potential-issues
              * for more information
              *
              * @return mixed|string
              */
              public function getBaseUrl($raw = false)
              {
              $url = parent::getBaseUrl($raw); // Argument added manually to correct SUPEE-10975 oversight
              $url = str_replace('\', '/', $url);
              return $url;
              }





              share|improve this answer































                3














                With version 1.8.1.0 after applying this patch we also had to change
                app/code/core/Mage/Core/Controller/Request/Http.php::getBaseUrl() function
                to be



                public function getBaseUrl($raw = false)
                {
                $url = parent::getBaseUrl($raw);
                $url = str_replace('\', '/', $url);
                return $url;
                }


                because this patch adds app/code/core/Zend/Controller/Request/Http.php file and getBaseUrl() function is declared with parameter $raw = false.






                share|improve this answer
























                • It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                  – René Schep
                  Dec 5 '18 at 14:51





















                2














                I have a problem with 'Hunk #1 FAILED at 28'



                Rejects are supposedly saved to config.xml.rej but this file doesn't exist, neither is there any description of what part of the script failed in my terminal window. Basically the patch fails and there is no indication why - at least not to a dumbass like me!



                On first run the patch attempted to delete three jquery v 1.12.0 files which didn't exist, I replaced these and applied the patch again but it now fails without any useful description.



                Magento 1.9.0.1 fully patched apart from the PHP 7.2 compatibility update, it will remain unpatched unless I can work it out or someone on here can give me a clue (please!)
                Thanks
                H



                PS I'm not sure if my post contravenes SE guidelines, I am answering the original question but I'm also asking for help.






                share|improve this answer
























                • I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                  – danmentzer
                  Nov 29 '18 at 19:02



















                2














                The Mage_Backup Module will be disabled by the patch.



                This is mentioned in the official release notes (https://devdocs.magento.com/guides/m1x/ce19-ee114/ce1.9_release-notes.html#ce19-1940).



                However the suggested solution to re-enable it is wrong:



                ("Alternatively, you can use one of these two methods to enable database backups")



                You actually need to use both methods mentioned to fully re-enable it.






                share|improve this answer





















                • 1





                  Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                  – René Schep
                  Dec 5 '18 at 13:26





















                1














                Specific problem, but if you disabled Mage_Sendfriend (which previously was a module you could safely disable) it will throw an exception error.






                share|improve this answer



















                • 1





                  They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                  – René Schep
                  Dec 5 '18 at 15:08



















                1














                There can be issues with handling tax calculation correctly.



                As is customary in many countries, our customer uses the "prices include taxes" configuration of Magento.



                So, after the update from 1.9.3.10 to 1.9.4.0, the tax got added to the grand total in checkout, on top of the item prices already including taxes.



                I tracked the issue down to a change in the configuration in file app/code/core/Mage/Sales/etc/config.xml, where "msrp" was added to the node sales/quote/totals/shipping/after.



                I did not find anything regarding MSRP in the release notes and I hope that this is an isolated change without any side-effects.



                My solution was to change this node back to its original value "subtotal,freeshipping,tax_subtotal" without the "msrp". I did so in the etc/config.xml of my own module.






                share|improve this answer































                  0














                  I tried to upgrade from Magento CE 1.9.3.10 to 1.9.4.0 today and I had multiple errors. Fortunately it didn't mess up the installation. After the installation I got the dreaded - Internal Server Error. I did get locked out and I had to reset all of my file and folder permissions via SSH along with removing the maintenance.flag. I then reindexed and re-enabled the cache. Plus I had to revert to my old .htaccess file in the Root and Download folder. Not sure what the corrective action should be to get a successful installation. I forgot to copy the text from the command-line window. So I can't post all the errors. What I did see was incompatible messages.






                  share|improve this answer



















                  • 1





                    I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                    – Kalvin Klien
                    Nov 30 '18 at 21:03











                  • The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                    – MagentoAaron
                    Jan 21 at 19:10



















                  0














                  Did they remove Scheduled Backup? No Scheduled Backup Section



                  Or I have some kind of a problem? Why is there no mention of this in any of the notes? This seems to be a pattern with Magento where they dont mention changes like these when updates come out.



                  UPDATE: looks like they removed it completely from all versions.



                  UPDATE: had to do backups differently. If anybody interested I posted some of the CRON commands here: Back-up strategy post SUPEE-10975?






                  share|improve this answer


























                  • Is this for any specific version?

                    – Razentic
                    Nov 30 '18 at 12:45






                  • 2





                    Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                    – danmentzer
                    Nov 30 '18 at 14:17











                  • Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                    – Kalvin Klien
                    Nov 30 '18 at 16:29






                  • 1





                    @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                    – Peter Jaap Blaakmeer
                    Dec 4 '18 at 9:40






                  • 3





                    The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                    – René Schep
                    Dec 5 '18 at 13:13





















                  0














                  We saw an issue on a site that was using a custom multi-store configuration by a previous developer. All URLs for stores other than the base store were 404ing. It set the "HTTP_X_REWRITE_URL" server variable/HTTP Header, which changed the URL as processed by the Magento Request.



                  This variable is/was used by Zend_Controller_Request_Http::setRequestUri(), but the new version in app/code/core/Zend/Controller/Request/Http.php no longer uses this. The possible fixes were:




                  • Set $_SERVER["IIS_WasUrlRewritten"] to '1' and instead set $_SERVER["UNENCODED_URL"]

                  • Set $_SERVER["REQUEST_URI"] instead


                  Either would probably work, but the former is probably less likely to have unintended consequences as it functions closer to the previous system.





                  share































                    -5














                    Probably not, but version 1.9.4.0 already have both implemented anyway.






                    share|improve this answer



















                    • 1





                      These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                      – danmentzer
                      Dec 13 '18 at 16:43











                    Your Answer








                    StackExchange.ready(function() {
                    var channelOptions = {
                    tags: "".split(" "),
                    id: "479"
                    };
                    initTagRenderer("".split(" "), "".split(" "), channelOptions);

                    StackExchange.using("externalEditor", function() {
                    // Have to fire editor after snippets, if snippets enabled
                    if (StackExchange.settings.snippets.snippetsEnabled) {
                    StackExchange.using("snippets", function() {
                    createEditor();
                    });
                    }
                    else {
                    createEditor();
                    }
                    });

                    function createEditor() {
                    StackExchange.prepareEditor({
                    heartbeatType: 'answer',
                    autoActivateHeartbeat: false,
                    convertImagesToLinks: false,
                    noModals: true,
                    showLowRepImageUploadWarning: true,
                    reputationToPostImages: null,
                    bindNavPrevention: true,
                    postfix: "",
                    imageUploader: {
                    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
                    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
                    allowUrls: true
                    },
                    onDemand: true,
                    discardSelector: ".discard-answer"
                    ,immediatelyShowMarkdownHelp:true
                    });


                    }
                    });














                    draft saved

                    draft discarded


















                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f251317%2fsupee-10975-potential-issues%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown

























                    13 Answers
                    13






                    active

                    oldest

                    votes








                    13 Answers
                    13






                    active

                    oldest

                    votes









                    active

                    oldest

                    votes






                    active

                    oldest

                    votes









                    10














                    Missing return parent::getDeleteUrl() in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php



                    +    public function getDeleteUrl()
                    + {
                    + if (!Mage::getSingleton('adminhtml/url')->useSecretKey()) {
                    + return $this->getUrl('*/*/delete', array(
                    + $this->_objectId => $this->getRequest()->getParam($this->_objectId),
                    + 'form_key' => Mage::getSingleton('core/session')->getFormKey()
                    + ));
                    + } else {
                    + parent::getDeleteUrl();
                    + }
                    + }





                    share|improve this answer
























                    • What Magento version was this for?

                      – danmentzer
                      Nov 29 '18 at 19:27






                    • 1





                      I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

                      – Aad Mathijssen
                      Nov 30 '18 at 13:20











                    • An additional patch has been created to resolve this SUPEE-11043

                      – Andrew
                      Dec 1 '18 at 19:06











                    • @andrew I cant find anything about SUPEE-11043. can you link some sources?

                      – darnok
                      Dec 3 '18 at 13:02






                    • 1





                      So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

                      – René Schep
                      Dec 5 '18 at 14:59
















                    10














                    Missing return parent::getDeleteUrl() in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php



                    +    public function getDeleteUrl()
                    + {
                    + if (!Mage::getSingleton('adminhtml/url')->useSecretKey()) {
                    + return $this->getUrl('*/*/delete', array(
                    + $this->_objectId => $this->getRequest()->getParam($this->_objectId),
                    + 'form_key' => Mage::getSingleton('core/session')->getFormKey()
                    + ));
                    + } else {
                    + parent::getDeleteUrl();
                    + }
                    + }





                    share|improve this answer
























                    • What Magento version was this for?

                      – danmentzer
                      Nov 29 '18 at 19:27






                    • 1





                      I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

                      – Aad Mathijssen
                      Nov 30 '18 at 13:20











                    • An additional patch has been created to resolve this SUPEE-11043

                      – Andrew
                      Dec 1 '18 at 19:06











                    • @andrew I cant find anything about SUPEE-11043. can you link some sources?

                      – darnok
                      Dec 3 '18 at 13:02






                    • 1





                      So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

                      – René Schep
                      Dec 5 '18 at 14:59














                    10












                    10








                    10







                    Missing return parent::getDeleteUrl() in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php



                    +    public function getDeleteUrl()
                    + {
                    + if (!Mage::getSingleton('adminhtml/url')->useSecretKey()) {
                    + return $this->getUrl('*/*/delete', array(
                    + $this->_objectId => $this->getRequest()->getParam($this->_objectId),
                    + 'form_key' => Mage::getSingleton('core/session')->getFormKey()
                    + ));
                    + } else {
                    + parent::getDeleteUrl();
                    + }
                    + }





                    share|improve this answer













                    Missing return parent::getDeleteUrl() in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php



                    +    public function getDeleteUrl()
                    + {
                    + if (!Mage::getSingleton('adminhtml/url')->useSecretKey()) {
                    + return $this->getUrl('*/*/delete', array(
                    + $this->_objectId => $this->getRequest()->getParam($this->_objectId),
                    + 'form_key' => Mage::getSingleton('core/session')->getFormKey()
                    + ));
                    + } else {
                    + parent::getDeleteUrl();
                    + }
                    + }






                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Nov 29 '18 at 16:00









                    Mikhail ChelevichMikhail Chelevich

                    1013




                    1013













                    • What Magento version was this for?

                      – danmentzer
                      Nov 29 '18 at 19:27






                    • 1





                      I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

                      – Aad Mathijssen
                      Nov 30 '18 at 13:20











                    • An additional patch has been created to resolve this SUPEE-11043

                      – Andrew
                      Dec 1 '18 at 19:06











                    • @andrew I cant find anything about SUPEE-11043. can you link some sources?

                      – darnok
                      Dec 3 '18 at 13:02






                    • 1





                      So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

                      – René Schep
                      Dec 5 '18 at 14:59



















                    • What Magento version was this for?

                      – danmentzer
                      Nov 29 '18 at 19:27






                    • 1





                      I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

                      – Aad Mathijssen
                      Nov 30 '18 at 13:20











                    • An additional patch has been created to resolve this SUPEE-11043

                      – Andrew
                      Dec 1 '18 at 19:06











                    • @andrew I cant find anything about SUPEE-11043. can you link some sources?

                      – darnok
                      Dec 3 '18 at 13:02






                    • 1





                      So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

                      – René Schep
                      Dec 5 '18 at 14:59

















                    What Magento version was this for?

                    – danmentzer
                    Nov 29 '18 at 19:27





                    What Magento version was this for?

                    – danmentzer
                    Nov 29 '18 at 19:27




                    1




                    1





                    I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

                    – Aad Mathijssen
                    Nov 30 '18 at 13:20





                    I can confirm this issue: it is not possible anymore to delete customer groups via the admin. This happens when secret keys are enabled for the admin, which is the default. This is present in de the SUPEE-10975 patch, and also in Magento Open Source 1.9.4.0.

                    – Aad Mathijssen
                    Nov 30 '18 at 13:20













                    An additional patch has been created to resolve this SUPEE-11043

                    – Andrew
                    Dec 1 '18 at 19:06





                    An additional patch has been created to resolve this SUPEE-11043

                    – Andrew
                    Dec 1 '18 at 19:06













                    @andrew I cant find anything about SUPEE-11043. can you link some sources?

                    – darnok
                    Dec 3 '18 at 13:02





                    @andrew I cant find anything about SUPEE-11043. can you link some sources?

                    – darnok
                    Dec 3 '18 at 13:02




                    1




                    1





                    So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

                    – René Schep
                    Dec 5 '18 at 14:59





                    So the fix should be replacing parent::getDeleteUrl(); in app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php with return parent::getDeleteUrl();

                    – René Schep
                    Dec 5 '18 at 14:59













                    9














                    So far, I have come across the following issues with the SUPEE-10975 patch:




                    • It is not possible anymore to delete customer groups via the admin because of a missing return statement in the new method Mage_Adminhtml_Block_Customer_Group_Edit::getDeleteUrl (issue found by @mikhail-chelevich). This is the case when secret keys are enabled for the admin, which is the default. The issue is also present in 1.9.4.0. This issue is fixed by the SUPEE-11043 patch, which has not been offically released, but is available as a GitHub Gist.

                    • The Mage_Sendfriend module cannot be disabled without also disabling the Mage_Captcha module. Otherwise, the following core exception occurs: Module "Mage_Captcha" requires module "Mage_Sendfriend". (issue found by @zlep)

                    • The changes to the sendfriend/send.phtml template that have been made in the rwd/default theme are not made in the base/default theme. This means that for the base/default theme the CAPTCHA cannot be enabled, and also that names and emails of previously entered recipients are not shown on the page (for the typical case of a form submit that triggers a server-side validation error).

                    • The new method Mage_Sendfriend_Block_Send::getRecipientsCount introduces a PHP 7.2 incompatibility because a count is performed on a NULL value when loading the page without any recipients (which is the default on fresh page load). This issue has been fixed in 1.9.4.0.


                    Note that I have only checked the patch for 1.9.3.10, but I suspect the issues are present in all versions of the patch.






                    share|improve this answer






























                      9














                      So far, I have come across the following issues with the SUPEE-10975 patch:




                      • It is not possible anymore to delete customer groups via the admin because of a missing return statement in the new method Mage_Adminhtml_Block_Customer_Group_Edit::getDeleteUrl (issue found by @mikhail-chelevich). This is the case when secret keys are enabled for the admin, which is the default. The issue is also present in 1.9.4.0. This issue is fixed by the SUPEE-11043 patch, which has not been offically released, but is available as a GitHub Gist.

                      • The Mage_Sendfriend module cannot be disabled without also disabling the Mage_Captcha module. Otherwise, the following core exception occurs: Module "Mage_Captcha" requires module "Mage_Sendfriend". (issue found by @zlep)

                      • The changes to the sendfriend/send.phtml template that have been made in the rwd/default theme are not made in the base/default theme. This means that for the base/default theme the CAPTCHA cannot be enabled, and also that names and emails of previously entered recipients are not shown on the page (for the typical case of a form submit that triggers a server-side validation error).

                      • The new method Mage_Sendfriend_Block_Send::getRecipientsCount introduces a PHP 7.2 incompatibility because a count is performed on a NULL value when loading the page without any recipients (which is the default on fresh page load). This issue has been fixed in 1.9.4.0.


                      Note that I have only checked the patch for 1.9.3.10, but I suspect the issues are present in all versions of the patch.






                      share|improve this answer




























                        9












                        9








                        9







                        So far, I have come across the following issues with the SUPEE-10975 patch:




                        • It is not possible anymore to delete customer groups via the admin because of a missing return statement in the new method Mage_Adminhtml_Block_Customer_Group_Edit::getDeleteUrl (issue found by @mikhail-chelevich). This is the case when secret keys are enabled for the admin, which is the default. The issue is also present in 1.9.4.0. This issue is fixed by the SUPEE-11043 patch, which has not been offically released, but is available as a GitHub Gist.

                        • The Mage_Sendfriend module cannot be disabled without also disabling the Mage_Captcha module. Otherwise, the following core exception occurs: Module "Mage_Captcha" requires module "Mage_Sendfriend". (issue found by @zlep)

                        • The changes to the sendfriend/send.phtml template that have been made in the rwd/default theme are not made in the base/default theme. This means that for the base/default theme the CAPTCHA cannot be enabled, and also that names and emails of previously entered recipients are not shown on the page (for the typical case of a form submit that triggers a server-side validation error).

                        • The new method Mage_Sendfriend_Block_Send::getRecipientsCount introduces a PHP 7.2 incompatibility because a count is performed on a NULL value when loading the page without any recipients (which is the default on fresh page load). This issue has been fixed in 1.9.4.0.


                        Note that I have only checked the patch for 1.9.3.10, but I suspect the issues are present in all versions of the patch.






                        share|improve this answer















                        So far, I have come across the following issues with the SUPEE-10975 patch:




                        • It is not possible anymore to delete customer groups via the admin because of a missing return statement in the new method Mage_Adminhtml_Block_Customer_Group_Edit::getDeleteUrl (issue found by @mikhail-chelevich). This is the case when secret keys are enabled for the admin, which is the default. The issue is also present in 1.9.4.0. This issue is fixed by the SUPEE-11043 patch, which has not been offically released, but is available as a GitHub Gist.

                        • The Mage_Sendfriend module cannot be disabled without also disabling the Mage_Captcha module. Otherwise, the following core exception occurs: Module "Mage_Captcha" requires module "Mage_Sendfriend". (issue found by @zlep)

                        • The changes to the sendfriend/send.phtml template that have been made in the rwd/default theme are not made in the base/default theme. This means that for the base/default theme the CAPTCHA cannot be enabled, and also that names and emails of previously entered recipients are not shown on the page (for the typical case of a form submit that triggers a server-side validation error).

                        • The new method Mage_Sendfriend_Block_Send::getRecipientsCount introduces a PHP 7.2 incompatibility because a count is performed on a NULL value when loading the page without any recipients (which is the default on fresh page load). This issue has been fixed in 1.9.4.0.


                        Note that I have only checked the patch for 1.9.3.10, but I suspect the issues are present in all versions of the patch.







                        share|improve this answer














                        share|improve this answer



                        share|improve this answer








                        edited Dec 19 '18 at 12:53

























                        answered Nov 30 '18 at 14:32









                        Aad MathijssenAad Mathijssen

                        1,36311121




                        1,36311121























                            6














                            I ran into an issue with the 10975 patch.
                            After some investigation I was able to track down the answer as to where the patch was messing up and why.



                            To summarize the below check and make sure you patched SUPEE 9767 V2 properly.
                            That is the root of my issue.



                            sh PATCH_SUPEE-10975_EE_v1.12.0.2_v1-2018-11-27-10-36-30.sh
                            Checking if patch can be applied/reverted successfully...
                            ERROR: Patch can't be applied/reverted successfully.

                            patching file app/code/core/Enterprise/PageCache/Model/Processor.php
                            Hunk #1 succeeded at 690 (offset -3 lines).
                            patching file app/code/core/Enterprise/Pci/etc/config.xml
                            patching file app/code/core/Enterprise/Wishlist/Block/Customer/Sharing.php
                            patching file app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
                            patching file app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
                            patching file app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
                            patching file app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
                            patching file app/code/core/Mage/Adminhtml/controllers/SitemapController.php
                            patching file app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
                            patching file app/code/core/Mage/Captcha/Model/Observer.php
                            patching file app/code/core/Mage/Captcha/Model/Zend.php
                            patching file app/code/core/Mage/Captcha/etc/config.xml
                            patching file app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
                            patching file app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
                            patching file app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
                            patching file app/code/core/Mage/Core/etc/config.xml
                            Hunk #1 FAILED at 28.
                            1 out of 3 hunks FAILED -- saving rejects to file app/code/core/Mage/Core/etc/config.xml.rej
                            patching file app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.2.1.2-1.6.0.2.1.3.php
                            patching file app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
                            patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
                            patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
                            patching file app/code/core/Mage/Payment/etc/config.xml
                            patching file app/code/core/Mage/Payment/etc/system.xml
                            patching file app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
                            patching file app/code/core/Mage/Wishlist/controllers/IndexController.php
                            patching file app/code/core/Zend/Controller/Request/Http.php
                            patching file app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
                            patching file app/design/adminhtml/default/default/template/enterprise/cms/page/preview/revision.phtml
                            patching file app/design/adminhtml/default/default/template/enterprise/customersegment/report/detail/grid/container.phtml
                            patching file app/design/adminhtml/default/default/template/enterprise/giftregistry/customer/form.phtml
                            patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/merge.phtml
                            patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/rollback.phtml
                            patching file app/design/frontend/base/default/layout/captcha.xml
                            patching file app/design/frontend/base/default/template/wishlist/sharing.phtml
                            patching file app/design/frontend/enterprise/iphone/template/downloadable/sales/order/creditmemo/items/renderer/downloadable.phtml
                            patching file app/etc/modules/Mage_All.xml
                            patching file app/etc/modules/Mage_Captcha.xml
                            patching file app/locale/en_US/Enterprise_Wishlist.csv
                            patching file app/locale/en_US/Mage_Wishlist.csv
                            patching file js/enterprise/adminhtml/staging.js


                            Above is the error I hit which is specific to this file.




                            Mage/Core/etc/config.xml




                            The error comes from this line of the patch.



                            diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                            index 4aebdcdc2cf..4b28f2765a1 100644
                            --- app/code/core/Mage/Core/etc/config.xml
                            +++ app/code/core/Mage/Core/etc/config.xml
                            @@ -28,7 +28,7 @@
                            <config>
                            <modules>
                            <Mage_Core>
                            - <version>1.6.0.2.1.2</version>
                            + <version>1.6.0.2.1.3</version>
                            </Mage_Core>
                            </modules>
                            <global>


                            The version listed here doesn't match correctly because of manually patching




                            SUPEE 9767 v2




                            That patch came with this line that I missed when manually patching.



                            diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                            index 4a0ff1b..d0de702 100644
                            --- app/code/core/Mage/Core/etc/config.xml
                            +++ app/code/core/Mage/Core/etc/config.xml
                            @@ -28,7 +28,7 @@
                            <config>
                            <modules>
                            <Mage_Core>
                            - <version>1.6.0.2</version>
                            + <version>1.6.0.2.1.2</version>
                            </Mage_Core>
                            </modules>
                            <global>





                            share|improve this answer




























                              6














                              I ran into an issue with the 10975 patch.
                              After some investigation I was able to track down the answer as to where the patch was messing up and why.



                              To summarize the below check and make sure you patched SUPEE 9767 V2 properly.
                              That is the root of my issue.



                              sh PATCH_SUPEE-10975_EE_v1.12.0.2_v1-2018-11-27-10-36-30.sh
                              Checking if patch can be applied/reverted successfully...
                              ERROR: Patch can't be applied/reverted successfully.

                              patching file app/code/core/Enterprise/PageCache/Model/Processor.php
                              Hunk #1 succeeded at 690 (offset -3 lines).
                              patching file app/code/core/Enterprise/Pci/etc/config.xml
                              patching file app/code/core/Enterprise/Wishlist/Block/Customer/Sharing.php
                              patching file app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
                              patching file app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
                              patching file app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
                              patching file app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
                              patching file app/code/core/Mage/Adminhtml/controllers/SitemapController.php
                              patching file app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
                              patching file app/code/core/Mage/Captcha/Model/Observer.php
                              patching file app/code/core/Mage/Captcha/Model/Zend.php
                              patching file app/code/core/Mage/Captcha/etc/config.xml
                              patching file app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
                              patching file app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
                              patching file app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
                              patching file app/code/core/Mage/Core/etc/config.xml
                              Hunk #1 FAILED at 28.
                              1 out of 3 hunks FAILED -- saving rejects to file app/code/core/Mage/Core/etc/config.xml.rej
                              patching file app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.2.1.2-1.6.0.2.1.3.php
                              patching file app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
                              patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
                              patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
                              patching file app/code/core/Mage/Payment/etc/config.xml
                              patching file app/code/core/Mage/Payment/etc/system.xml
                              patching file app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
                              patching file app/code/core/Mage/Wishlist/controllers/IndexController.php
                              patching file app/code/core/Zend/Controller/Request/Http.php
                              patching file app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
                              patching file app/design/adminhtml/default/default/template/enterprise/cms/page/preview/revision.phtml
                              patching file app/design/adminhtml/default/default/template/enterprise/customersegment/report/detail/grid/container.phtml
                              patching file app/design/adminhtml/default/default/template/enterprise/giftregistry/customer/form.phtml
                              patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/merge.phtml
                              patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/rollback.phtml
                              patching file app/design/frontend/base/default/layout/captcha.xml
                              patching file app/design/frontend/base/default/template/wishlist/sharing.phtml
                              patching file app/design/frontend/enterprise/iphone/template/downloadable/sales/order/creditmemo/items/renderer/downloadable.phtml
                              patching file app/etc/modules/Mage_All.xml
                              patching file app/etc/modules/Mage_Captcha.xml
                              patching file app/locale/en_US/Enterprise_Wishlist.csv
                              patching file app/locale/en_US/Mage_Wishlist.csv
                              patching file js/enterprise/adminhtml/staging.js


                              Above is the error I hit which is specific to this file.




                              Mage/Core/etc/config.xml




                              The error comes from this line of the patch.



                              diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                              index 4aebdcdc2cf..4b28f2765a1 100644
                              --- app/code/core/Mage/Core/etc/config.xml
                              +++ app/code/core/Mage/Core/etc/config.xml
                              @@ -28,7 +28,7 @@
                              <config>
                              <modules>
                              <Mage_Core>
                              - <version>1.6.0.2.1.2</version>
                              + <version>1.6.0.2.1.3</version>
                              </Mage_Core>
                              </modules>
                              <global>


                              The version listed here doesn't match correctly because of manually patching




                              SUPEE 9767 v2




                              That patch came with this line that I missed when manually patching.



                              diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                              index 4a0ff1b..d0de702 100644
                              --- app/code/core/Mage/Core/etc/config.xml
                              +++ app/code/core/Mage/Core/etc/config.xml
                              @@ -28,7 +28,7 @@
                              <config>
                              <modules>
                              <Mage_Core>
                              - <version>1.6.0.2</version>
                              + <version>1.6.0.2.1.2</version>
                              </Mage_Core>
                              </modules>
                              <global>





                              share|improve this answer


























                                6












                                6








                                6







                                I ran into an issue with the 10975 patch.
                                After some investigation I was able to track down the answer as to where the patch was messing up and why.



                                To summarize the below check and make sure you patched SUPEE 9767 V2 properly.
                                That is the root of my issue.



                                sh PATCH_SUPEE-10975_EE_v1.12.0.2_v1-2018-11-27-10-36-30.sh
                                Checking if patch can be applied/reverted successfully...
                                ERROR: Patch can't be applied/reverted successfully.

                                patching file app/code/core/Enterprise/PageCache/Model/Processor.php
                                Hunk #1 succeeded at 690 (offset -3 lines).
                                patching file app/code/core/Enterprise/Pci/etc/config.xml
                                patching file app/code/core/Enterprise/Wishlist/Block/Customer/Sharing.php
                                patching file app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
                                patching file app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
                                patching file app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
                                patching file app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
                                patching file app/code/core/Mage/Adminhtml/controllers/SitemapController.php
                                patching file app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
                                patching file app/code/core/Mage/Captcha/Model/Observer.php
                                patching file app/code/core/Mage/Captcha/Model/Zend.php
                                patching file app/code/core/Mage/Captcha/etc/config.xml
                                patching file app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
                                patching file app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
                                patching file app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
                                patching file app/code/core/Mage/Core/etc/config.xml
                                Hunk #1 FAILED at 28.
                                1 out of 3 hunks FAILED -- saving rejects to file app/code/core/Mage/Core/etc/config.xml.rej
                                patching file app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.2.1.2-1.6.0.2.1.3.php
                                patching file app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
                                patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
                                patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
                                patching file app/code/core/Mage/Payment/etc/config.xml
                                patching file app/code/core/Mage/Payment/etc/system.xml
                                patching file app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
                                patching file app/code/core/Mage/Wishlist/controllers/IndexController.php
                                patching file app/code/core/Zend/Controller/Request/Http.php
                                patching file app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/cms/page/preview/revision.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/customersegment/report/detail/grid/container.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/giftregistry/customer/form.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/merge.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/rollback.phtml
                                patching file app/design/frontend/base/default/layout/captcha.xml
                                patching file app/design/frontend/base/default/template/wishlist/sharing.phtml
                                patching file app/design/frontend/enterprise/iphone/template/downloadable/sales/order/creditmemo/items/renderer/downloadable.phtml
                                patching file app/etc/modules/Mage_All.xml
                                patching file app/etc/modules/Mage_Captcha.xml
                                patching file app/locale/en_US/Enterprise_Wishlist.csv
                                patching file app/locale/en_US/Mage_Wishlist.csv
                                patching file js/enterprise/adminhtml/staging.js


                                Above is the error I hit which is specific to this file.




                                Mage/Core/etc/config.xml




                                The error comes from this line of the patch.



                                diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                                index 4aebdcdc2cf..4b28f2765a1 100644
                                --- app/code/core/Mage/Core/etc/config.xml
                                +++ app/code/core/Mage/Core/etc/config.xml
                                @@ -28,7 +28,7 @@
                                <config>
                                <modules>
                                <Mage_Core>
                                - <version>1.6.0.2.1.2</version>
                                + <version>1.6.0.2.1.3</version>
                                </Mage_Core>
                                </modules>
                                <global>


                                The version listed here doesn't match correctly because of manually patching




                                SUPEE 9767 v2




                                That patch came with this line that I missed when manually patching.



                                diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                                index 4a0ff1b..d0de702 100644
                                --- app/code/core/Mage/Core/etc/config.xml
                                +++ app/code/core/Mage/Core/etc/config.xml
                                @@ -28,7 +28,7 @@
                                <config>
                                <modules>
                                <Mage_Core>
                                - <version>1.6.0.2</version>
                                + <version>1.6.0.2.1.2</version>
                                </Mage_Core>
                                </modules>
                                <global>





                                share|improve this answer













                                I ran into an issue with the 10975 patch.
                                After some investigation I was able to track down the answer as to where the patch was messing up and why.



                                To summarize the below check and make sure you patched SUPEE 9767 V2 properly.
                                That is the root of my issue.



                                sh PATCH_SUPEE-10975_EE_v1.12.0.2_v1-2018-11-27-10-36-30.sh
                                Checking if patch can be applied/reverted successfully...
                                ERROR: Patch can't be applied/reverted successfully.

                                patching file app/code/core/Enterprise/PageCache/Model/Processor.php
                                Hunk #1 succeeded at 690 (offset -3 lines).
                                patching file app/code/core/Enterprise/Pci/etc/config.xml
                                patching file app/code/core/Enterprise/Wishlist/Block/Customer/Sharing.php
                                patching file app/code/core/Mage/Adminhtml/Block/Customer/Group/Edit.php
                                patching file app/code/core/Mage/Adminhtml/Block/Newsletter/Template/Edit.php
                                patching file app/code/core/Mage/Adminhtml/controllers/Cms/BlockController.php
                                patching file app/code/core/Mage/Adminhtml/controllers/Customer/GroupController.php
                                patching file app/code/core/Mage/Adminhtml/controllers/SitemapController.php
                                patching file app/code/core/Mage/Adminhtml/controllers/System/BackupController.php
                                patching file app/code/core/Mage/Captcha/Model/Observer.php
                                patching file app/code/core/Mage/Captcha/Model/Zend.php
                                patching file app/code/core/Mage/Captcha/etc/config.xml
                                patching file app/code/core/Mage/Catalog/Model/Api2/Product/Image/Rest/Admin/V1.php
                                patching file app/code/core/Mage/Catalog/Model/Product/Attribute/Media/Api.php
                                patching file app/code/core/Mage/Cms/Model/Wysiwyg/Images/Storage.php
                                patching file app/code/core/Mage/Core/etc/config.xml
                                Hunk #1 FAILED at 28.
                                1 out of 3 hunks FAILED -- saving rejects to file app/code/core/Mage/Core/etc/config.xml.rej
                                patching file app/code/core/Mage/Core/sql/core_setup/upgrade-1.6.0.2.1.2-1.6.0.2.1.3.php
                                patching file app/code/core/Mage/Dataflow/Model/Convert/Container/Abstract.php
                                patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer.php
                                patching file app/code/core/Mage/ImportExport/Model/Import/Entity/Customer/Address.php
                                patching file app/code/core/Mage/Payment/etc/config.xml
                                patching file app/code/core/Mage/Payment/etc/system.xml
                                patching file app/code/core/Mage/Payment/sql/payment_setup/upgrade-1.6.0.0.1.1-1.6.0.0.1.2.php
                                patching file app/code/core/Mage/Wishlist/controllers/IndexController.php
                                patching file app/code/core/Zend/Controller/Request/Http.php
                                patching file app/design/adminhtml/default/default/template/cms/browser/content/files.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/cms/page/preview/revision.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/customersegment/report/detail/grid/container.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/giftregistry/customer/form.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/merge.phtml
                                patching file app/design/adminhtml/default/default/template/enterprise/staging/log/information/rollback.phtml
                                patching file app/design/frontend/base/default/layout/captcha.xml
                                patching file app/design/frontend/base/default/template/wishlist/sharing.phtml
                                patching file app/design/frontend/enterprise/iphone/template/downloadable/sales/order/creditmemo/items/renderer/downloadable.phtml
                                patching file app/etc/modules/Mage_All.xml
                                patching file app/etc/modules/Mage_Captcha.xml
                                patching file app/locale/en_US/Enterprise_Wishlist.csv
                                patching file app/locale/en_US/Mage_Wishlist.csv
                                patching file js/enterprise/adminhtml/staging.js


                                Above is the error I hit which is specific to this file.




                                Mage/Core/etc/config.xml




                                The error comes from this line of the patch.



                                diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                                index 4aebdcdc2cf..4b28f2765a1 100644
                                --- app/code/core/Mage/Core/etc/config.xml
                                +++ app/code/core/Mage/Core/etc/config.xml
                                @@ -28,7 +28,7 @@
                                <config>
                                <modules>
                                <Mage_Core>
                                - <version>1.6.0.2.1.2</version>
                                + <version>1.6.0.2.1.3</version>
                                </Mage_Core>
                                </modules>
                                <global>


                                The version listed here doesn't match correctly because of manually patching




                                SUPEE 9767 v2




                                That patch came with this line that I missed when manually patching.



                                diff --git app/code/core/Mage/Core/etc/config.xml app/code/core/Mage/Core/etc/config.xml
                                index 4a0ff1b..d0de702 100644
                                --- app/code/core/Mage/Core/etc/config.xml
                                +++ app/code/core/Mage/Core/etc/config.xml
                                @@ -28,7 +28,7 @@
                                <config>
                                <modules>
                                <Mage_Core>
                                - <version>1.6.0.2</version>
                                + <version>1.6.0.2.1.2</version>
                                </Mage_Core>
                                </modules>
                                <global>






                                share|improve this answer












                                share|improve this answer



                                share|improve this answer










                                answered Nov 29 '18 at 19:13









                                danmentzerdanmentzer

                                388110




                                388110























                                    4














                                    Firstly, sorry for the duplicate of erej's answer, i can't comment nor edit because of my reputation score.



                                    The patch creates a new file here : app/code/core/Zend/Controller/Request/Http.php



                                    Which is added to override this file : lib/Zend/Controller/Request/Http.php



                                    Problem is for Magento under 1.9.0.0 :



                                    This method :



                                    /**
                                    * Everything in REQUEST_URI before PATH_INFO
                                    * <form action="<?=$baseUrl?>/news/submit" method="POST"/>
                                    *
                                    * @return string
                                    */
                                    public function getBaseUrl($raw = false)
                                    {
                                    if (null === $this->_baseUrl) {
                                    $this->setBaseUrl();
                                    }

                                    return (($raw == false) ? urldecode($this->_baseUrl) : $this->_baseUrl);
                                    }


                                    Is overridden in Magento Core file app/code/core/Mage/Core/Controller/Request/Http.php



                                    public function getBaseUrl()
                                    {
                                    $url = parent::getBaseUrl();
                                    $url = str_replace('\', '/', $url);
                                    return $url;
                                    }


                                    Which does'nt take any arguments.



                                    So it fires this strict notice on any website url, front & admin :



                                    Strict Notice: Declaration of Mage_Core_Controller_Request_Http::getBaseUrl() should be compatible with Zend_Controller_Request_Http::getBaseUrl($raw = false) in /var/www/htdocs/app/code/core/Mage/Core/Controller/Request/Http.php on line 36



                                    If someone knows if any V2 of that patch is on the way, please let me know.



                                    Waiting for their update, you can redefine method in app/code/core/Mage/Core/Controller/Request/Http.php like that:



                                    /**
                                    * @param bool $raw - Added manually to correct SUPEE-10975 oversight
                                    * See https://magento.stackexchange.com/questions/251317/supee-10975-potential-issues
                                    * for more information
                                    *
                                    * @return mixed|string
                                    */
                                    public function getBaseUrl($raw = false)
                                    {
                                    $url = parent::getBaseUrl($raw); // Argument added manually to correct SUPEE-10975 oversight
                                    $url = str_replace('\', '/', $url);
                                    return $url;
                                    }





                                    share|improve this answer




























                                      4














                                      Firstly, sorry for the duplicate of erej's answer, i can't comment nor edit because of my reputation score.



                                      The patch creates a new file here : app/code/core/Zend/Controller/Request/Http.php



                                      Which is added to override this file : lib/Zend/Controller/Request/Http.php



                                      Problem is for Magento under 1.9.0.0 :



                                      This method :



                                      /**
                                      * Everything in REQUEST_URI before PATH_INFO
                                      * <form action="<?=$baseUrl?>/news/submit" method="POST"/>
                                      *
                                      * @return string
                                      */
                                      public function getBaseUrl($raw = false)
                                      {
                                      if (null === $this->_baseUrl) {
                                      $this->setBaseUrl();
                                      }

                                      return (($raw == false) ? urldecode($this->_baseUrl) : $this->_baseUrl);
                                      }


                                      Is overridden in Magento Core file app/code/core/Mage/Core/Controller/Request/Http.php



                                      public function getBaseUrl()
                                      {
                                      $url = parent::getBaseUrl();
                                      $url = str_replace('\', '/', $url);
                                      return $url;
                                      }


                                      Which does'nt take any arguments.



                                      So it fires this strict notice on any website url, front & admin :



                                      Strict Notice: Declaration of Mage_Core_Controller_Request_Http::getBaseUrl() should be compatible with Zend_Controller_Request_Http::getBaseUrl($raw = false) in /var/www/htdocs/app/code/core/Mage/Core/Controller/Request/Http.php on line 36



                                      If someone knows if any V2 of that patch is on the way, please let me know.



                                      Waiting for their update, you can redefine method in app/code/core/Mage/Core/Controller/Request/Http.php like that:



                                      /**
                                      * @param bool $raw - Added manually to correct SUPEE-10975 oversight
                                      * See https://magento.stackexchange.com/questions/251317/supee-10975-potential-issues
                                      * for more information
                                      *
                                      * @return mixed|string
                                      */
                                      public function getBaseUrl($raw = false)
                                      {
                                      $url = parent::getBaseUrl($raw); // Argument added manually to correct SUPEE-10975 oversight
                                      $url = str_replace('\', '/', $url);
                                      return $url;
                                      }





                                      share|improve this answer


























                                        4












                                        4








                                        4







                                        Firstly, sorry for the duplicate of erej's answer, i can't comment nor edit because of my reputation score.



                                        The patch creates a new file here : app/code/core/Zend/Controller/Request/Http.php



                                        Which is added to override this file : lib/Zend/Controller/Request/Http.php



                                        Problem is for Magento under 1.9.0.0 :



                                        This method :



                                        /**
                                        * Everything in REQUEST_URI before PATH_INFO
                                        * <form action="<?=$baseUrl?>/news/submit" method="POST"/>
                                        *
                                        * @return string
                                        */
                                        public function getBaseUrl($raw = false)
                                        {
                                        if (null === $this->_baseUrl) {
                                        $this->setBaseUrl();
                                        }

                                        return (($raw == false) ? urldecode($this->_baseUrl) : $this->_baseUrl);
                                        }


                                        Is overridden in Magento Core file app/code/core/Mage/Core/Controller/Request/Http.php



                                        public function getBaseUrl()
                                        {
                                        $url = parent::getBaseUrl();
                                        $url = str_replace('\', '/', $url);
                                        return $url;
                                        }


                                        Which does'nt take any arguments.



                                        So it fires this strict notice on any website url, front & admin :



                                        Strict Notice: Declaration of Mage_Core_Controller_Request_Http::getBaseUrl() should be compatible with Zend_Controller_Request_Http::getBaseUrl($raw = false) in /var/www/htdocs/app/code/core/Mage/Core/Controller/Request/Http.php on line 36



                                        If someone knows if any V2 of that patch is on the way, please let me know.



                                        Waiting for their update, you can redefine method in app/code/core/Mage/Core/Controller/Request/Http.php like that:



                                        /**
                                        * @param bool $raw - Added manually to correct SUPEE-10975 oversight
                                        * See https://magento.stackexchange.com/questions/251317/supee-10975-potential-issues
                                        * for more information
                                        *
                                        * @return mixed|string
                                        */
                                        public function getBaseUrl($raw = false)
                                        {
                                        $url = parent::getBaseUrl($raw); // Argument added manually to correct SUPEE-10975 oversight
                                        $url = str_replace('\', '/', $url);
                                        return $url;
                                        }





                                        share|improve this answer













                                        Firstly, sorry for the duplicate of erej's answer, i can't comment nor edit because of my reputation score.



                                        The patch creates a new file here : app/code/core/Zend/Controller/Request/Http.php



                                        Which is added to override this file : lib/Zend/Controller/Request/Http.php



                                        Problem is for Magento under 1.9.0.0 :



                                        This method :



                                        /**
                                        * Everything in REQUEST_URI before PATH_INFO
                                        * <form action="<?=$baseUrl?>/news/submit" method="POST"/>
                                        *
                                        * @return string
                                        */
                                        public function getBaseUrl($raw = false)
                                        {
                                        if (null === $this->_baseUrl) {
                                        $this->setBaseUrl();
                                        }

                                        return (($raw == false) ? urldecode($this->_baseUrl) : $this->_baseUrl);
                                        }


                                        Is overridden in Magento Core file app/code/core/Mage/Core/Controller/Request/Http.php



                                        public function getBaseUrl()
                                        {
                                        $url = parent::getBaseUrl();
                                        $url = str_replace('\', '/', $url);
                                        return $url;
                                        }


                                        Which does'nt take any arguments.



                                        So it fires this strict notice on any website url, front & admin :



                                        Strict Notice: Declaration of Mage_Core_Controller_Request_Http::getBaseUrl() should be compatible with Zend_Controller_Request_Http::getBaseUrl($raw = false) in /var/www/htdocs/app/code/core/Mage/Core/Controller/Request/Http.php on line 36



                                        If someone knows if any V2 of that patch is on the way, please let me know.



                                        Waiting for their update, you can redefine method in app/code/core/Mage/Core/Controller/Request/Http.php like that:



                                        /**
                                        * @param bool $raw - Added manually to correct SUPEE-10975 oversight
                                        * See https://magento.stackexchange.com/questions/251317/supee-10975-potential-issues
                                        * for more information
                                        *
                                        * @return mixed|string
                                        */
                                        public function getBaseUrl($raw = false)
                                        {
                                        $url = parent::getBaseUrl($raw); // Argument added manually to correct SUPEE-10975 oversight
                                        $url = str_replace('\', '/', $url);
                                        return $url;
                                        }






                                        share|improve this answer












                                        share|improve this answer



                                        share|improve this answer










                                        answered Dec 7 '18 at 15:15









                                        jdemandrejdemandre

                                        414




                                        414























                                            3














                                            With version 1.8.1.0 after applying this patch we also had to change
                                            app/code/core/Mage/Core/Controller/Request/Http.php::getBaseUrl() function
                                            to be



                                            public function getBaseUrl($raw = false)
                                            {
                                            $url = parent::getBaseUrl($raw);
                                            $url = str_replace('\', '/', $url);
                                            return $url;
                                            }


                                            because this patch adds app/code/core/Zend/Controller/Request/Http.php file and getBaseUrl() function is declared with parameter $raw = false.






                                            share|improve this answer
























                                            • It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                                              – René Schep
                                              Dec 5 '18 at 14:51


















                                            3














                                            With version 1.8.1.0 after applying this patch we also had to change
                                            app/code/core/Mage/Core/Controller/Request/Http.php::getBaseUrl() function
                                            to be



                                            public function getBaseUrl($raw = false)
                                            {
                                            $url = parent::getBaseUrl($raw);
                                            $url = str_replace('\', '/', $url);
                                            return $url;
                                            }


                                            because this patch adds app/code/core/Zend/Controller/Request/Http.php file and getBaseUrl() function is declared with parameter $raw = false.






                                            share|improve this answer
























                                            • It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                                              – René Schep
                                              Dec 5 '18 at 14:51
















                                            3












                                            3








                                            3







                                            With version 1.8.1.0 after applying this patch we also had to change
                                            app/code/core/Mage/Core/Controller/Request/Http.php::getBaseUrl() function
                                            to be



                                            public function getBaseUrl($raw = false)
                                            {
                                            $url = parent::getBaseUrl($raw);
                                            $url = str_replace('\', '/', $url);
                                            return $url;
                                            }


                                            because this patch adds app/code/core/Zend/Controller/Request/Http.php file and getBaseUrl() function is declared with parameter $raw = false.






                                            share|improve this answer













                                            With version 1.8.1.0 after applying this patch we also had to change
                                            app/code/core/Mage/Core/Controller/Request/Http.php::getBaseUrl() function
                                            to be



                                            public function getBaseUrl($raw = false)
                                            {
                                            $url = parent::getBaseUrl($raw);
                                            $url = str_replace('\', '/', $url);
                                            return $url;
                                            }


                                            because this patch adds app/code/core/Zend/Controller/Request/Http.php file and getBaseUrl() function is declared with parameter $raw = false.







                                            share|improve this answer












                                            share|improve this answer



                                            share|improve this answer










                                            answered Nov 29 '18 at 9:50









                                            erejerej

                                            312




                                            312













                                            • It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                                              – René Schep
                                              Dec 5 '18 at 14:51





















                                            • It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                                              – René Schep
                                              Dec 5 '18 at 14:51



















                                            It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                                            – René Schep
                                            Dec 5 '18 at 14:51







                                            It shouldn't be necessary to add this function. It will just always default to not raw, because any functionality calling this function should not have $raw set in 1.8.1.

                                            – René Schep
                                            Dec 5 '18 at 14:51













                                            2














                                            I have a problem with 'Hunk #1 FAILED at 28'



                                            Rejects are supposedly saved to config.xml.rej but this file doesn't exist, neither is there any description of what part of the script failed in my terminal window. Basically the patch fails and there is no indication why - at least not to a dumbass like me!



                                            On first run the patch attempted to delete three jquery v 1.12.0 files which didn't exist, I replaced these and applied the patch again but it now fails without any useful description.



                                            Magento 1.9.0.1 fully patched apart from the PHP 7.2 compatibility update, it will remain unpatched unless I can work it out or someone on here can give me a clue (please!)
                                            Thanks
                                            H



                                            PS I'm not sure if my post contravenes SE guidelines, I am answering the original question but I'm also asking for help.






                                            share|improve this answer
























                                            • I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                                              – danmentzer
                                              Nov 29 '18 at 19:02
















                                            2














                                            I have a problem with 'Hunk #1 FAILED at 28'



                                            Rejects are supposedly saved to config.xml.rej but this file doesn't exist, neither is there any description of what part of the script failed in my terminal window. Basically the patch fails and there is no indication why - at least not to a dumbass like me!



                                            On first run the patch attempted to delete three jquery v 1.12.0 files which didn't exist, I replaced these and applied the patch again but it now fails without any useful description.



                                            Magento 1.9.0.1 fully patched apart from the PHP 7.2 compatibility update, it will remain unpatched unless I can work it out or someone on here can give me a clue (please!)
                                            Thanks
                                            H



                                            PS I'm not sure if my post contravenes SE guidelines, I am answering the original question but I'm also asking for help.






                                            share|improve this answer
























                                            • I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                                              – danmentzer
                                              Nov 29 '18 at 19:02














                                            2












                                            2








                                            2







                                            I have a problem with 'Hunk #1 FAILED at 28'



                                            Rejects are supposedly saved to config.xml.rej but this file doesn't exist, neither is there any description of what part of the script failed in my terminal window. Basically the patch fails and there is no indication why - at least not to a dumbass like me!



                                            On first run the patch attempted to delete three jquery v 1.12.0 files which didn't exist, I replaced these and applied the patch again but it now fails without any useful description.



                                            Magento 1.9.0.1 fully patched apart from the PHP 7.2 compatibility update, it will remain unpatched unless I can work it out or someone on here can give me a clue (please!)
                                            Thanks
                                            H



                                            PS I'm not sure if my post contravenes SE guidelines, I am answering the original question but I'm also asking for help.






                                            share|improve this answer













                                            I have a problem with 'Hunk #1 FAILED at 28'



                                            Rejects are supposedly saved to config.xml.rej but this file doesn't exist, neither is there any description of what part of the script failed in my terminal window. Basically the patch fails and there is no indication why - at least not to a dumbass like me!



                                            On first run the patch attempted to delete three jquery v 1.12.0 files which didn't exist, I replaced these and applied the patch again but it now fails without any useful description.



                                            Magento 1.9.0.1 fully patched apart from the PHP 7.2 compatibility update, it will remain unpatched unless I can work it out or someone on here can give me a clue (please!)
                                            Thanks
                                            H



                                            PS I'm not sure if my post contravenes SE guidelines, I am answering the original question but I'm also asking for help.







                                            share|improve this answer












                                            share|improve this answer



                                            share|improve this answer










                                            answered Nov 29 '18 at 11:39









                                            SparkoSparko

                                            265




                                            265













                                            • I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                                              – danmentzer
                                              Nov 29 '18 at 19:02



















                                            • I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                                              – danmentzer
                                              Nov 29 '18 at 19:02

















                                            I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                                            – danmentzer
                                            Nov 29 '18 at 19:02





                                            I ran into this issue as well it is related to the patch 9767 v2 it adds a new version number to the Mage/Core/etc/config.xml You should just need to add onto the current version number .1.2 I will also be writing an answer for this as well.

                                            – danmentzer
                                            Nov 29 '18 at 19:02











                                            2














                                            The Mage_Backup Module will be disabled by the patch.



                                            This is mentioned in the official release notes (https://devdocs.magento.com/guides/m1x/ce19-ee114/ce1.9_release-notes.html#ce19-1940).



                                            However the suggested solution to re-enable it is wrong:



                                            ("Alternatively, you can use one of these two methods to enable database backups")



                                            You actually need to use both methods mentioned to fully re-enable it.






                                            share|improve this answer





















                                            • 1





                                              Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                              – René Schep
                                              Dec 5 '18 at 13:26


















                                            2














                                            The Mage_Backup Module will be disabled by the patch.



                                            This is mentioned in the official release notes (https://devdocs.magento.com/guides/m1x/ce19-ee114/ce1.9_release-notes.html#ce19-1940).



                                            However the suggested solution to re-enable it is wrong:



                                            ("Alternatively, you can use one of these two methods to enable database backups")



                                            You actually need to use both methods mentioned to fully re-enable it.






                                            share|improve this answer





















                                            • 1





                                              Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                              – René Schep
                                              Dec 5 '18 at 13:26
















                                            2












                                            2








                                            2







                                            The Mage_Backup Module will be disabled by the patch.



                                            This is mentioned in the official release notes (https://devdocs.magento.com/guides/m1x/ce19-ee114/ce1.9_release-notes.html#ce19-1940).



                                            However the suggested solution to re-enable it is wrong:



                                            ("Alternatively, you can use one of these two methods to enable database backups")



                                            You actually need to use both methods mentioned to fully re-enable it.






                                            share|improve this answer















                                            The Mage_Backup Module will be disabled by the patch.



                                            This is mentioned in the official release notes (https://devdocs.magento.com/guides/m1x/ce19-ee114/ce1.9_release-notes.html#ce19-1940).



                                            However the suggested solution to re-enable it is wrong:



                                            ("Alternatively, you can use one of these two methods to enable database backups")



                                            You actually need to use both methods mentioned to fully re-enable it.







                                            share|improve this answer














                                            share|improve this answer



                                            share|improve this answer








                                            edited Jan 21 at 19:43









                                            Community

                                            1




                                            1










                                            answered Nov 30 '18 at 9:26









                                            poebelpoebel

                                            211




                                            211








                                            • 1





                                              Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                              – René Schep
                                              Dec 5 '18 at 13:26
















                                            • 1





                                              Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                              – René Schep
                                              Dec 5 '18 at 13:26










                                            1




                                            1





                                            Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                            – René Schep
                                            Dec 5 '18 at 13:26







                                            Also remember that re-enabling the Mage_Backup module opens you up to: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                            – René Schep
                                            Dec 5 '18 at 13:26













                                            1














                                            Specific problem, but if you disabled Mage_Sendfriend (which previously was a module you could safely disable) it will throw an exception error.






                                            share|improve this answer



















                                            • 1





                                              They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                                              – René Schep
                                              Dec 5 '18 at 15:08
















                                            1














                                            Specific problem, but if you disabled Mage_Sendfriend (which previously was a module you could safely disable) it will throw an exception error.






                                            share|improve this answer



















                                            • 1





                                              They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                                              – René Schep
                                              Dec 5 '18 at 15:08














                                            1












                                            1








                                            1







                                            Specific problem, but if you disabled Mage_Sendfriend (which previously was a module you could safely disable) it will throw an exception error.






                                            share|improve this answer













                                            Specific problem, but if you disabled Mage_Sendfriend (which previously was a module you could safely disable) it will throw an exception error.







                                            share|improve this answer












                                            share|improve this answer



                                            share|improve this answer










                                            answered Nov 29 '18 at 10:28









                                            zlepzlep

                                            618




                                            618








                                            • 1





                                              They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                                              – René Schep
                                              Dec 5 '18 at 15:08














                                            • 1





                                              They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                                              – René Schep
                                              Dec 5 '18 at 15:08








                                            1




                                            1





                                            They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                                            – René Schep
                                            Dec 5 '18 at 15:08





                                            They made Mage_Captcha depended on Mage_Sendfriend instead of the other way around. So you need to also deactivate Mage_Captcha to disable Mage_Sendfriend. Which might not be what you want because it disables all Magento default recaptcha's

                                            – René Schep
                                            Dec 5 '18 at 15:08











                                            1














                                            There can be issues with handling tax calculation correctly.



                                            As is customary in many countries, our customer uses the "prices include taxes" configuration of Magento.



                                            So, after the update from 1.9.3.10 to 1.9.4.0, the tax got added to the grand total in checkout, on top of the item prices already including taxes.



                                            I tracked the issue down to a change in the configuration in file app/code/core/Mage/Sales/etc/config.xml, where "msrp" was added to the node sales/quote/totals/shipping/after.



                                            I did not find anything regarding MSRP in the release notes and I hope that this is an isolated change without any side-effects.



                                            My solution was to change this node back to its original value "subtotal,freeshipping,tax_subtotal" without the "msrp". I did so in the etc/config.xml of my own module.






                                            share|improve this answer




























                                              1














                                              There can be issues with handling tax calculation correctly.



                                              As is customary in many countries, our customer uses the "prices include taxes" configuration of Magento.



                                              So, after the update from 1.9.3.10 to 1.9.4.0, the tax got added to the grand total in checkout, on top of the item prices already including taxes.



                                              I tracked the issue down to a change in the configuration in file app/code/core/Mage/Sales/etc/config.xml, where "msrp" was added to the node sales/quote/totals/shipping/after.



                                              I did not find anything regarding MSRP in the release notes and I hope that this is an isolated change without any side-effects.



                                              My solution was to change this node back to its original value "subtotal,freeshipping,tax_subtotal" without the "msrp". I did so in the etc/config.xml of my own module.






                                              share|improve this answer


























                                                1












                                                1








                                                1







                                                There can be issues with handling tax calculation correctly.



                                                As is customary in many countries, our customer uses the "prices include taxes" configuration of Magento.



                                                So, after the update from 1.9.3.10 to 1.9.4.0, the tax got added to the grand total in checkout, on top of the item prices already including taxes.



                                                I tracked the issue down to a change in the configuration in file app/code/core/Mage/Sales/etc/config.xml, where "msrp" was added to the node sales/quote/totals/shipping/after.



                                                I did not find anything regarding MSRP in the release notes and I hope that this is an isolated change without any side-effects.



                                                My solution was to change this node back to its original value "subtotal,freeshipping,tax_subtotal" without the "msrp". I did so in the etc/config.xml of my own module.






                                                share|improve this answer













                                                There can be issues with handling tax calculation correctly.



                                                As is customary in many countries, our customer uses the "prices include taxes" configuration of Magento.



                                                So, after the update from 1.9.3.10 to 1.9.4.0, the tax got added to the grand total in checkout, on top of the item prices already including taxes.



                                                I tracked the issue down to a change in the configuration in file app/code/core/Mage/Sales/etc/config.xml, where "msrp" was added to the node sales/quote/totals/shipping/after.



                                                I did not find anything regarding MSRP in the release notes and I hope that this is an isolated change without any side-effects.



                                                My solution was to change this node back to its original value "subtotal,freeshipping,tax_subtotal" without the "msrp". I did so in the etc/config.xml of my own module.







                                                share|improve this answer












                                                share|improve this answer



                                                share|improve this answer










                                                answered Dec 17 '18 at 15:31









                                                tdk_qsttdk_qst

                                                111




                                                111























                                                    0














                                                    I tried to upgrade from Magento CE 1.9.3.10 to 1.9.4.0 today and I had multiple errors. Fortunately it didn't mess up the installation. After the installation I got the dreaded - Internal Server Error. I did get locked out and I had to reset all of my file and folder permissions via SSH along with removing the maintenance.flag. I then reindexed and re-enabled the cache. Plus I had to revert to my old .htaccess file in the Root and Download folder. Not sure what the corrective action should be to get a successful installation. I forgot to copy the text from the command-line window. So I can't post all the errors. What I did see was incompatible messages.






                                                    share|improve this answer



















                                                    • 1





                                                      I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 21:03











                                                    • The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                                                      – MagentoAaron
                                                      Jan 21 at 19:10
















                                                    0














                                                    I tried to upgrade from Magento CE 1.9.3.10 to 1.9.4.0 today and I had multiple errors. Fortunately it didn't mess up the installation. After the installation I got the dreaded - Internal Server Error. I did get locked out and I had to reset all of my file and folder permissions via SSH along with removing the maintenance.flag. I then reindexed and re-enabled the cache. Plus I had to revert to my old .htaccess file in the Root and Download folder. Not sure what the corrective action should be to get a successful installation. I forgot to copy the text from the command-line window. So I can't post all the errors. What I did see was incompatible messages.






                                                    share|improve this answer



















                                                    • 1





                                                      I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 21:03











                                                    • The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                                                      – MagentoAaron
                                                      Jan 21 at 19:10














                                                    0












                                                    0








                                                    0







                                                    I tried to upgrade from Magento CE 1.9.3.10 to 1.9.4.0 today and I had multiple errors. Fortunately it didn't mess up the installation. After the installation I got the dreaded - Internal Server Error. I did get locked out and I had to reset all of my file and folder permissions via SSH along with removing the maintenance.flag. I then reindexed and re-enabled the cache. Plus I had to revert to my old .htaccess file in the Root and Download folder. Not sure what the corrective action should be to get a successful installation. I forgot to copy the text from the command-line window. So I can't post all the errors. What I did see was incompatible messages.






                                                    share|improve this answer













                                                    I tried to upgrade from Magento CE 1.9.3.10 to 1.9.4.0 today and I had multiple errors. Fortunately it didn't mess up the installation. After the installation I got the dreaded - Internal Server Error. I did get locked out and I had to reset all of my file and folder permissions via SSH along with removing the maintenance.flag. I then reindexed and re-enabled the cache. Plus I had to revert to my old .htaccess file in the Root and Download folder. Not sure what the corrective action should be to get a successful installation. I forgot to copy the text from the command-line window. So I can't post all the errors. What I did see was incompatible messages.







                                                    share|improve this answer












                                                    share|improve this answer



                                                    share|improve this answer










                                                    answered Nov 30 '18 at 18:49









                                                    Neal HartNeal Hart

                                                    1616




                                                    1616








                                                    • 1





                                                      I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 21:03











                                                    • The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                                                      – MagentoAaron
                                                      Jan 21 at 19:10














                                                    • 1





                                                      I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 21:03











                                                    • The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                                                      – MagentoAaron
                                                      Jan 21 at 19:10








                                                    1




                                                    1





                                                    I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                                                    – Kalvin Klien
                                                    Nov 30 '18 at 21:03





                                                    I dont think "upgrade" method through downloader ever worked on any installation that is at least a little edited. Am I crazy?

                                                    – Kalvin Klien
                                                    Nov 30 '18 at 21:03













                                                    The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                                                    – MagentoAaron
                                                    Jan 21 at 19:10





                                                    The "upgrade" method using Magento Connect works every single time for me. I use it for all three of our M1 sites and they are all heavily (though properly) customized.

                                                    – MagentoAaron
                                                    Jan 21 at 19:10











                                                    0














                                                    Did they remove Scheduled Backup? No Scheduled Backup Section



                                                    Or I have some kind of a problem? Why is there no mention of this in any of the notes? This seems to be a pattern with Magento where they dont mention changes like these when updates come out.



                                                    UPDATE: looks like they removed it completely from all versions.



                                                    UPDATE: had to do backups differently. If anybody interested I posted some of the CRON commands here: Back-up strategy post SUPEE-10975?






                                                    share|improve this answer


























                                                    • Is this for any specific version?

                                                      – Razentic
                                                      Nov 30 '18 at 12:45






                                                    • 2





                                                      Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                                                      – danmentzer
                                                      Nov 30 '18 at 14:17











                                                    • Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 16:29






                                                    • 1





                                                      @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                                                      – Peter Jaap Blaakmeer
                                                      Dec 4 '18 at 9:40






                                                    • 3





                                                      The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                                      – René Schep
                                                      Dec 5 '18 at 13:13


















                                                    0














                                                    Did they remove Scheduled Backup? No Scheduled Backup Section



                                                    Or I have some kind of a problem? Why is there no mention of this in any of the notes? This seems to be a pattern with Magento where they dont mention changes like these when updates come out.



                                                    UPDATE: looks like they removed it completely from all versions.



                                                    UPDATE: had to do backups differently. If anybody interested I posted some of the CRON commands here: Back-up strategy post SUPEE-10975?






                                                    share|improve this answer


























                                                    • Is this for any specific version?

                                                      – Razentic
                                                      Nov 30 '18 at 12:45






                                                    • 2





                                                      Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                                                      – danmentzer
                                                      Nov 30 '18 at 14:17











                                                    • Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 16:29






                                                    • 1





                                                      @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                                                      – Peter Jaap Blaakmeer
                                                      Dec 4 '18 at 9:40






                                                    • 3





                                                      The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                                      – René Schep
                                                      Dec 5 '18 at 13:13
















                                                    0












                                                    0








                                                    0







                                                    Did they remove Scheduled Backup? No Scheduled Backup Section



                                                    Or I have some kind of a problem? Why is there no mention of this in any of the notes? This seems to be a pattern with Magento where they dont mention changes like these when updates come out.



                                                    UPDATE: looks like they removed it completely from all versions.



                                                    UPDATE: had to do backups differently. If anybody interested I posted some of the CRON commands here: Back-up strategy post SUPEE-10975?






                                                    share|improve this answer















                                                    Did they remove Scheduled Backup? No Scheduled Backup Section



                                                    Or I have some kind of a problem? Why is there no mention of this in any of the notes? This seems to be a pattern with Magento where they dont mention changes like these when updates come out.



                                                    UPDATE: looks like they removed it completely from all versions.



                                                    UPDATE: had to do backups differently. If anybody interested I posted some of the CRON commands here: Back-up strategy post SUPEE-10975?







                                                    share|improve this answer














                                                    share|improve this answer



                                                    share|improve this answer








                                                    edited Dec 5 '18 at 17:43

























                                                    answered Nov 29 '18 at 22:54









                                                    Kalvin KlienKalvin Klien

                                                    159115




                                                    159115













                                                    • Is this for any specific version?

                                                      – Razentic
                                                      Nov 30 '18 at 12:45






                                                    • 2





                                                      Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                                                      – danmentzer
                                                      Nov 30 '18 at 14:17











                                                    • Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 16:29






                                                    • 1





                                                      @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                                                      – Peter Jaap Blaakmeer
                                                      Dec 4 '18 at 9:40






                                                    • 3





                                                      The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                                      – René Schep
                                                      Dec 5 '18 at 13:13





















                                                    • Is this for any specific version?

                                                      – Razentic
                                                      Nov 30 '18 at 12:45






                                                    • 2





                                                      Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                                                      – danmentzer
                                                      Nov 30 '18 at 14:17











                                                    • Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                                                      – Kalvin Klien
                                                      Nov 30 '18 at 16:29






                                                    • 1





                                                      @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                                                      – Peter Jaap Blaakmeer
                                                      Dec 4 '18 at 9:40






                                                    • 3





                                                      The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                                      – René Schep
                                                      Dec 5 '18 at 13:13



















                                                    Is this for any specific version?

                                                    – Razentic
                                                    Nov 30 '18 at 12:45





                                                    Is this for any specific version?

                                                    – Razentic
                                                    Nov 30 '18 at 12:45




                                                    2




                                                    2





                                                    Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                                                    – danmentzer
                                                    Nov 30 '18 at 14:17





                                                    Per twitter.com/ryanhoerr/status/1067819214314987520 That is a specific part they removed per this patch.

                                                    – danmentzer
                                                    Nov 30 '18 at 14:17













                                                    Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                                                    – Kalvin Klien
                                                    Nov 30 '18 at 16:29





                                                    Oh god...ok classic - gotta find out from some other source then magento about removal / addition of features.

                                                    – Kalvin Klien
                                                    Nov 30 '18 at 16:29




                                                    1




                                                    1





                                                    @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                                                    – Peter Jaap Blaakmeer
                                                    Dec 4 '18 at 9:40





                                                    @KalvinKlien actually, first paragraph in the release notes states that it's been deactivated; devdocs.magento.com/guides/m1x/ce19-ee114/…

                                                    – Peter Jaap Blaakmeer
                                                    Dec 4 '18 at 9:40




                                                    3




                                                    3





                                                    The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                                    – René Schep
                                                    Dec 5 '18 at 13:13







                                                    The change in this patch is that Mage_Backup is deactivated by default and the checks for running the code are stricter (eg. if block output for the module is deactivated the backups wont run). You can still manually re-enable the module by changing false to true in the Mage_Backup section of app/etc/modules/Mage_All.xml. Be careful that re-enabling the backup functionality potentially allows: "remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) issues."

                                                    – René Schep
                                                    Dec 5 '18 at 13:13













                                                    0














                                                    We saw an issue on a site that was using a custom multi-store configuration by a previous developer. All URLs for stores other than the base store were 404ing. It set the "HTTP_X_REWRITE_URL" server variable/HTTP Header, which changed the URL as processed by the Magento Request.



                                                    This variable is/was used by Zend_Controller_Request_Http::setRequestUri(), but the new version in app/code/core/Zend/Controller/Request/Http.php no longer uses this. The possible fixes were:




                                                    • Set $_SERVER["IIS_WasUrlRewritten"] to '1' and instead set $_SERVER["UNENCODED_URL"]

                                                    • Set $_SERVER["REQUEST_URI"] instead


                                                    Either would probably work, but the former is probably less likely to have unintended consequences as it functions closer to the previous system.





                                                    share




























                                                      0














                                                      We saw an issue on a site that was using a custom multi-store configuration by a previous developer. All URLs for stores other than the base store were 404ing. It set the "HTTP_X_REWRITE_URL" server variable/HTTP Header, which changed the URL as processed by the Magento Request.



                                                      This variable is/was used by Zend_Controller_Request_Http::setRequestUri(), but the new version in app/code/core/Zend/Controller/Request/Http.php no longer uses this. The possible fixes were:




                                                      • Set $_SERVER["IIS_WasUrlRewritten"] to '1' and instead set $_SERVER["UNENCODED_URL"]

                                                      • Set $_SERVER["REQUEST_URI"] instead


                                                      Either would probably work, but the former is probably less likely to have unintended consequences as it functions closer to the previous system.





                                                      share


























                                                        0












                                                        0








                                                        0







                                                        We saw an issue on a site that was using a custom multi-store configuration by a previous developer. All URLs for stores other than the base store were 404ing. It set the "HTTP_X_REWRITE_URL" server variable/HTTP Header, which changed the URL as processed by the Magento Request.



                                                        This variable is/was used by Zend_Controller_Request_Http::setRequestUri(), but the new version in app/code/core/Zend/Controller/Request/Http.php no longer uses this. The possible fixes were:




                                                        • Set $_SERVER["IIS_WasUrlRewritten"] to '1' and instead set $_SERVER["UNENCODED_URL"]

                                                        • Set $_SERVER["REQUEST_URI"] instead


                                                        Either would probably work, but the former is probably less likely to have unintended consequences as it functions closer to the previous system.





                                                        share













                                                        We saw an issue on a site that was using a custom multi-store configuration by a previous developer. All URLs for stores other than the base store were 404ing. It set the "HTTP_X_REWRITE_URL" server variable/HTTP Header, which changed the URL as processed by the Magento Request.



                                                        This variable is/was used by Zend_Controller_Request_Http::setRequestUri(), but the new version in app/code/core/Zend/Controller/Request/Http.php no longer uses this. The possible fixes were:




                                                        • Set $_SERVER["IIS_WasUrlRewritten"] to '1' and instead set $_SERVER["UNENCODED_URL"]

                                                        • Set $_SERVER["REQUEST_URI"] instead


                                                        Either would probably work, but the former is probably less likely to have unintended consequences as it functions closer to the previous system.






                                                        share











                                                        share


                                                        share










                                                        answered 9 mins ago









                                                        Li1tLi1t

                                                        1084




                                                        1084























                                                            -5














                                                            Probably not, but version 1.9.4.0 already have both implemented anyway.






                                                            share|improve this answer



















                                                            • 1





                                                              These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                                                              – danmentzer
                                                              Dec 13 '18 at 16:43
















                                                            -5














                                                            Probably not, but version 1.9.4.0 already have both implemented anyway.






                                                            share|improve this answer



















                                                            • 1





                                                              These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                                                              – danmentzer
                                                              Dec 13 '18 at 16:43














                                                            -5












                                                            -5








                                                            -5







                                                            Probably not, but version 1.9.4.0 already have both implemented anyway.






                                                            share|improve this answer













                                                            Probably not, but version 1.9.4.0 already have both implemented anyway.







                                                            share|improve this answer












                                                            share|improve this answer



                                                            share|improve this answer










                                                            answered Nov 28 '18 at 20:32









                                                            Ricardo MartinsRicardo Martins

                                                            612520




                                                            612520








                                                            • 1





                                                              These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                                                              – danmentzer
                                                              Dec 13 '18 at 16:43














                                                            • 1





                                                              These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                                                              – danmentzer
                                                              Dec 13 '18 at 16:43








                                                            1




                                                            1





                                                            These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                                                            – danmentzer
                                                            Dec 13 '18 at 16:43





                                                            These stack posts are specifically so other dev's can be aware of issues your answer to this is not helpful or descriptive about any issue. I would honestly just remove this.

                                                            – danmentzer
                                                            Dec 13 '18 at 16:43


















                                                            draft saved

                                                            draft discarded




















































                                                            Thanks for contributing an answer to Magento Stack Exchange!


                                                            • Please be sure to answer the question. Provide details and share your research!

                                                            But avoid



                                                            • Asking for help, clarification, or responding to other answers.

                                                            • Making statements based on opinion; back them up with references or personal experience.


                                                            To learn more, see our tips on writing great answers.




                                                            draft saved


                                                            draft discarded














                                                            StackExchange.ready(
                                                            function () {
                                                            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f251317%2fsupee-10975-potential-issues%23new-answer', 'question_page');
                                                            }
                                                            );

                                                            Post as a guest















                                                            Required, but never shown





















































                                                            Required, but never shown














                                                            Required, but never shown












                                                            Required, but never shown







                                                            Required, but never shown

































                                                            Required, but never shown














                                                            Required, but never shown












                                                            Required, but never shown







                                                            Required, but never shown







                                                            Popular posts from this blog

                                                            “%fieldName is a required field.”, in Magento2 REST API Call for GET Method Type The Next...

                                                            How to change City field to a dropdown in Checkout step Magento 2Magento 2 : How to change UI field(s)...

                                                            變成蝙蝠會怎樣? 參考資料 外部連結 导航菜单Thomas Nagel, "What is it like to be a...